Detections
Analytics
OL09-00-003022 - OL 9 must log username information when unsuccessful logon attempts occur.
Information
Without auditing of these events, it may be harder or impossible to identify what an attacker did after an attack.Solution
Configure OL 9 to log username information when unsuccessful logon attempts occur.Add/modify the "/etc/security/faillock.conf" file to match the following line:
audit
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_9_V1R5_STIG.zip
Item Details
Audit Name: DISA Oracle Linux 9 STIG v1r5
Category: ACCESS CONTROL
References: 800-53|AC-7a., CAT|II, CCI|CCI-000044, Rule-ID|SV-271841r1092235_rule, STIG-ID|OL09-00-003022, Vuln-ID|V-271841
Plugin: Unix
Control ID: b35b32acbdb94d13a84e940155ecdde806107c106b279338968046ce3e68f8ff